changeweb 漏洞與 CVE 列表(9)

產品(CPE): — CVE 數: 9

changeweb 漏洞概覽

彙總 changeweb 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 跨站腳本 等問題,部分漏洞可能導致 工作階段劫持,並影響 生產負載與軟體部署 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 199 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-46204 An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint. [email protected] 6.5 0.34% 2025-06-04 2026-06-17
CVE-2025-46203 An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint. [email protected] 6.5 0.32% 2025-06-04 2026-06-17
CVE-2025-25621 Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected endpoint is /courses/teacher/index?teacher_id=2&semester_id=1. [email protected] 4.3 0.36% 2025-03-17 2026-06-17
CVE-2025-25618 Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers. [email protected] 3.3 0.38% 2025-03-17 2026-06-17
CVE-2025-25620 Unifiedtransform 2.0 is vulnerable to Cross Site Scripting (XSS) in the Create assignment function. [email protected] 5.4 0.52% 2025-03-10 2026-06-17
CVE-2025-25614 Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows teachers to update the personal data of fellow teachers. [email protected] 8.8 0.69% 2025-03-10 2026-06-17
CVE-2025-25616 Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?exam_rule_id=1. [email protected] 4.3 0.39% 2025-03-10 2026-06-17
CVE-2025-25615 Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections. [email protected] 2.7 0.45% 2025-03-10 2026-06-17
CVE-2024-53573 Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for administrative use. This issue specifically affects teacher/edit/{id}. [email protected] 9.8 0.50% 2025-02-26 2026-06-17
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence